Firms Urged to Scour Dark Web for Breached Data

A security vendor has released a list of top activities organizations should watch out for on the dark web that may cause them harm or indicate they may have been compromised.

Security intelligence firm Terbium Labs claimed that organizations are losing the battle against their online adversaries, despite rising security budgets, and must look to the non-indexed web to give them a much-needed advantage.

To this end, with the right tools, organizations can find customer PII or financial information such as primary account numbers (PANs) and bank identification numbers (BINs), which are indicative of a breach, the firm argued. Data is sometimes updated daily on underground markets, so scanners must operate frequently.

This kind of intelligence could significantly shorten the window of opportunity for cyber-criminals to use stolen data. The latest stats from IBM claim the mean time to identify a breach dropped just five days over the past year to stand at 163 days. That’s bad news when you consider an average breach now costs $3.9m.

“These days, data breaches are inevitable, so the key to containing the fallout from an incident is proactive detection and response,” Terbium Labs CEO, Danny Rogers, told Infosecurity. “The statistics are clear — data breach costs are directly proportional to the time to discovery, so the earlier an organization can detect that something is amiss, the less damage occurs. Proactive data breach detection is the key.”

Monitoring for customer data is not the only way companies can protect themselves. Proprietary source code leaked to the dark web could also affect firms by enabling hackers to research vulnerabilities to exploit in attacks, said Terbium Labs.

In addition, third-party breach data dumps may reveal employee credentials that can be used in attacks or follow-on phishing attempts.

The security firm also warned that “inexpert dark web searching” can actually increase an organization’s risk exposure. It revealed that one security vendor searched so many times for the name of a client CISO that the name made it to the trending section of the now-defunct dark web search site Grams.